Medical devices at risk: 5 capabilities that invite danger
Medical device cybersecurity is lousy — beyond lousy. Indeed, the word from security experts for most of the past decade (and certainly since those devices increasingly have become connected to the internet) has been that while the physical security of most is superb and the devices function flawlessly, possibly for years at a time, when…
Hacking Factory Robot Arms for Sabotage, Fun & Profit
Black Hat talk will discuss how hackers could take over robotic arms, create micro-defects in products, and open up a new world of subtle blackmail. Security researchers have been accumulating a trove of breakthrough discoveries on Industrial Internet of Things (IIoT) vulnerabilities and releasing them at the Black Hat Briefings over the last few years…
How Hotel Cybersecurity Keeps Guests and Data Secure
Hotels need cybersecurity: Although they don’t have the volume of transactions that big box retail stores do, their transactions are generally larger, and their guests have more at stake than just their groceries. But the personal information hotels store is only part of what’s at risk. Hospitality organizations need to understand their vulnerabilities, as well…
Social media is a cybersecurity risk for business
By itself, social media might not constitute a cyberthreat but once again, employees who ignore best practices around security are making it easy for scammers. It’s even been described as the perfect hunting ground for illegal activity. Social media has also turned into a dandy reconnaissance tool that cybercriminals use to socially engineer their victims. When someone neglects their privacy settings or publicly posts personal notes and photos, they can leave cybercriminals free to use their information…
The Law of Unintended Outbreak – Who Is at Risk from Petya?
Hot on the heels of the global WannaCry outbreak in May, yesterday saw a wave of what looked like copycat malware sweeping the globe again. However, on closer inspection there may more to this than meets the eye, more than a simple new variant of an already established ransomware borrowing propagation techniques from WannaCry. The…
Video Game Firms Targeted With “Paranoid” PlugX Malware
Companies in the video game industry and possibly other sectors have been targeted in attacks involving improved variants of the notorious PlugX remote access trojan (RAT). Palo Alto Networks has spotted several interesting PlugX samples believed to have been used by the same threat actor. While the company has not provided any details on the…
Petya Weren’t Expecting This: Ransomware Takes Systems Hostage Across the Globe
Early on Tuesday, June 27, reports began to circulate that organizations in the Ukraine and elsewhere in Europe were suffering ransomware attacks. It quickly became clear that this Petya attack could equal or surpass the May WannaCry attack. WannaCry’s spread was so successful because it was powered by a flaw in Windows, and although Microsoft…
Something’s phishy: How to detect phishing attempts
Dear you, It appears you need to update your information. Click here to tell us all your secrets. No really, it’s totally safe. We’re not going to steal your identity, we swear. If only phishing attempts were that obvious. Instead, these days it’s hard to tell a phish apart from a foul, if you catch…
The quest for a more secure Dropbox alternative
If you use Dropbox, Google Drive, or Yandex.Disk, then you have no doubt appreciated the convenience of always having all of your important files handy on any device. A file can be shared with friends or coworkers in a second. However some find the data security on these popular services lacking, worrying that unauthorized people…
Week in review: Evaluating AI-based cyber security systems, how CIA hit air-gapped computers
Here’s an overview of some of last week’s most interesting news and articles: How the CIA gained access to air-gapped computers A new WikiLeaks release of documents believed to have been stolen from the CIA show the intelligence agency’s capability to infect air-gapped computers and networks via booby-trapped USB sticks. Hackers extorted a cool $1…